Ignore some safety alerts #7157

legoktm · 2024-04-30T21:30:04Z

Status

Ready for review

Description of Changes

66700 (CVE-2024-0690) - we only use no_log in tor-hidden-services where it is not in a loop
66777 (CVE-2023-6237) - not affected, as we build against system OpenSSL
66704 (CVE-2024-26130) - we should not be checking PKCS#12 keys/certs
66710 (CVE-2023-29483) - dev only, DoS isn't an issue

Testing

visual review
CI passes

Deployment

Any special considerations for deployment? n/a

* 66700 (CVE-2024-0690) - we only use `no_log` in tor-hidden-services where it is not in a loop * 66777 (CVE-2023-6237) - not affected, as we build against system OpenSSL * 66704 (CVE-2024-26130) - we should not be checking PKCS#12 keys/certs * 66710 (CVE-2023-29483) - dev only, DoS isn't an issue

cfm

CI passes now that #7155 (whose #7156 is blocked on this) does not apply.

legoktm requested a review from a team as a code owner April 30, 2024 21:30

cfm self-assigned this May 1, 2024

cfm approved these changes May 1, 2024

View reviewed changes

cfm merged commit 33cb6eb into develop May 1, 2024
17 checks passed

cfm mentioned this pull request May 1, 2024

loaddata: Fix random_datetime() edge case #7156

Merged

5 tasks

legoktm deleted the ignore-safety branch May 2, 2024 15:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Ignore some safety alerts #7157

Ignore some safety alerts #7157

legoktm commented Apr 30, 2024 •

edited by cfm

cfm left a comment

Ignore some safety alerts #7157

Ignore some safety alerts #7157

Conversation

legoktm commented Apr 30, 2024 • edited by cfm

Status

Description of Changes

Testing

Deployment

cfm left a comment

Choose a reason for hiding this comment

legoktm commented Apr 30, 2024 •

edited by cfm